HMEx ASSISTANT LLC

 PRIVACY POLICY

 

Last modified on Sept 22, 2020

HMEx Assistant  LLC d/b/a HMEx Assistant (referred to hereinafter as, “HMEx”, or “Company,” or “We,” or “Us,” or “Our”), provides a web based and mobile application software solutions for building and fire officials, building owners, and designers to assist with classifying hazardous materials and comparing hazardous material inventory quantities with quantity limits established by the International Fire Code and International Building Code (the “Services”) located at hmexassistant.com (“Site”) or through the application HMEx Assistant (“Application” or “App”).

Please read this document carefully because this Privacy Policy (“Policy”) and Our Terms of Service, incorporated by reference, describe the legally binding agreement between You and/or Your company (referred to hereinafter as, “You”, or “User,” or “Your”) and Us. By registering Your company, You agree that You are solely responsible for all of Your company’s licensed users’ activities while accessing and using the Services, and You agree that Your company’s licensed users agree to use the Services in compliance with this Policy and Our Terms of Service. This Policy intends to describe Our use of any of Your Data, navigational data, personal or sensitive information acquired, stored and/or maintained through Your use of the Services, including the Site and App. This Policy applies to all data, including navigational data, Personal Data, and sensitive data collected by Us. It also describes Your choices regarding use, access, rights and correction of Your Personal Information. If You do not agree with the data practices described in this Privacy Policy, You shall not use the Site, App or the Services.

You acknowledge and agree that Your access, visits and use of the Site, Services or App, and acceptance of this Policy herein, are subject to Our Terms of Service, incorporated herein by reference.

By accessing the Services, You agree to comply with this Policy, and that Your data privacy rights and any dispute directly arising out of Your use or misuse, will be governed by this Policy and Our Terms of Service.

We may modify this Policy at any time in Our sole discretion, by posting the amended Policy to the Site. Your continued use of the Services thereafter shall constitute immediate acceptance of all amended terms to this Policy. You should review the most up-to-date version of the Policy from time-to-time on the Site. We will notify You of any material amendments to the Policy through the Site, or through other communication. In the event You choose not to agree and accept the amended Policy, You must cease use of the Services through the App and/or the Site.

Nothing in this Agreement will be deemed to confer any third-party rights or benefits. Our partners, affiliates, vendors, manufacturers, distributors, licensors and/or third-party websites and service providers may have additional data practices, restrictions, limitations and data collection and protection practices, and You should review such policies and terms separately and independently from this Agreement. We are not liable for the data practices, breaches, or security incidents of our third-party affiliates, vendors, partners, or service providers.

This Agreement constitutes a binding agreement between You and Us. By accessing and/or using the Services, either through the Site or the App, You agree to the terms of this Policy.

 

DEFINITIONS

A. Navigational Information is information about Your computer, device, VPN information, IP address, the date and time of the visit and how long You remained on Our Site or App, the referral URL (the site from which the visitor has come), the pages visited on Our Site or App, and information about the device and browser (such as, browser type and version and operating system), browser history, and geographical location.

B. Personal Information includes Your full name, email address, phone numbers, payment information, credit or debit card numbers, personal financial account information, driver’s license numbers or similar personal identifiers, or any information that can be used to identify You or that We can link to You, such as photos, images, and videos.

C. User Content includes any content uploaded or submitted by Users such as feedback, information, updates, comments, text, inventory, lists, images, photographs, videos, notes, sounds, data, posts and suggestions.

D. User Information includes, but is not limited to, Your name, email address, username, passwords, business name, phone number, billing and/or company addresses, and payment information.

 

1. WHAT INFORMATION DO WE COLLECT?
We may, depending on Your use of the Services, collect the following “Data”:

a. Navigational Information and UDID. If You are visiting or using the Services, We may automatically collect Navigational Information, such as Your IP address, the date and time of the visit and how long You remained on Our Site or App, the referral URL, the pages visited on Our Site or App and information about the device and browser (such as, browser type and version and operating system). We may also collect visitor data through third party services such as Google Analytics, in order to better understand visitor behavior, demographics, locations, page views, time spent on the Site or App, and other metrics and analytics used to provide and improve the Services. In addition to the information We collect on Our Site, We may also collect Your city location, device model and version, device identifier (or “UDID”), and OS version. This information is primarily needed to maintain the security and operation of Our Services, Site or Apps, and for Our internal analytics and reporting purposes.

b. Personal Information. We collect Personal Information that You voluntarily provide to Us when (1) creating an Account to use the Services through Our Site or App; (2) when You express an interest in obtaining information about Us or Our Services or products; and (3) when uploading User Content or participating in activities offered through the Services or otherwise contacting Us. The Personal Information We collect can include the following: Your full name, email address, addresses, phone numbers, payment information, credit or debit card numbers, personal financial account information or similar personal identifiers, or any information that can be used to identify You or that We can link to You. All Personal Information that You provide to Us must be true, complete and accurate, and You must notify Us of any changes to such Personal Information.  The Personal Information provided for the Services may be stored and managed on servers and third-party hosting services, such as Microsoft Azure Cloud Services and PayPal.

c. Payment Information. When You sign up to use the Services, We may collect data necessary to process Your payment if You subscribe to the Services, such as Your payment instrument number (such as a credit card number), and the security code associated with Your payment instrument. All payment data is stored by a secure third-party payment gateway, such as PayPal. You may find PayPal’s privacy policy link here: https://www.paypal.com/us/webapps/mpp/ua/privacy-full We are not responsible for the privacy policies of our third-party payment gateways as it relates to data like payment data that does not reside on our servers, so please read their policies carefully.

d. Your Content. Your Content means any content, information or data that Users provide to be made available through the Service, App and/or Site, such as chemical inventory data, location, quantities and information about facility fire and life-safety features, and classifications. We also keep a record of Our correspondence with You, including without limitation, any feedback and/or testimonials You have provided on any of the Services, information provided to Our customer service, and/or Your Content.

e. Online Identifiers. Like many businesses, We also collect information through cookies and similar technologies. We collect devices, cookie identifiers, or others such as the ones used for analytics and marketing, and other similar data. Most Web browsers are set to accept cookies by default. If You prefer, You can usually choose to set Your browser to remove cookies and to reject cookies. If You choose to remove cookies or reject cookies, this could affect certain features or services of Our Services or Apps. To opt-out of interest-based advertising by advertisers on Our Services or Apps visit http://www.aboutads.info/choices/.

f. Mobile Device Data. We may automatically collect device information (such as Your mobile device ID, model and manufacturer), operating system, version information and IP address.

 

2. INFORMATION ABOUT MINORS/CHILDREN. The Site, App and Services are available only for individuals who are thirteen (13) years of age or older. We do not knowingly collect, use, share, process or retain information from persons under the age of thirteen (13). If You are at least thirteen (13) or older but under eighteen (18) years of age or otherwise considered a Minor, (or the legal age of majority where You reside if that jurisdiction has an age of majority older than eighteen (18)), You must review the terms of this Policy with Your parent or legal guardian to make sure that both You and Your parent or guardian understand and agree to this Policy, and Your parent or legal guardian must accept this Policy on Your behalf. If You are a parent or legal guardian agreeing to this Policy on behalf of and for the benefit of a minor, then You agree to, and accept full responsibility for that minor’s use or misuse of the Site, App and Services.

 

3. HOW DO WE USE YOUR DATA?
Your data security is extremely important to Us. We do not sell any Data that we collect. We process and use the Data ONLY for internal business purposes based on our legitimate business interests (described below), the fulfillment of Our legal obligations and contracts with You, compliance with Our legal obligations, and/or with Your consent. Further, We use Personal Information collected via Our Services for a variety of business purposes described below.

By accepting this Policy, You hereby agreed that We may use the Data that We collect or receive:

a. To facilitate Account creation and the logon process;

b. To send You marketing and promotional communications. We and/or Our third-party marketing partners may use the Data You send or give to Us for Our marketing purposes, if this is in accordance with Your marketing preferences. You can opt-out of Our marketing emails at any time;

c. To send administrative information and notices to You regarding Your account. We may use Your Data to send You product, service and new feature information and/or information about changes to Our terms, conditions, and policies;

d. To fulfill and manage Your requests, subscriptions, or inquiries;

e. To deliver targeted advertising to You unless You opt out from receiving such advertising. We may use Your information to develop and display content and advertising (and work with third parties who do so) tailored to Your interests and/or location and to measure its effectiveness;

f. To request feedback and to contact You about Your use of Our Services;

g. To protect Our Services from fraud monitoring and prevention;

h. To enforce Our terms, conditions and policies;

i. To respond to legal requests and prevent harm. If We receive a subpoena or other legal request, We may need to inspect the Data We hold to determine how to respond;

j. To manage User Accounts. We may use Your information for the purposes of managing Our Account and keeping it in working order;

k. To deliver Services to the User. We will use Your information to provide You with the requested service;

l. To respond to user inquiries/offer support to Users.  We may use Your information to respond to Your inquiries and solve any potential issues You might have with the use of Our Services;

m. For other business purposes. We may use Your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of Our promotional campaigns and to evaluate and improve Our Services, Site and App. We may use and store this information in aggregated and anonymized form so that it is not associated with individual end users and does not include Personal Information. We will not use identifiable Personal Information without Your consent;

n. For the purposes of development, research, and improvement of Our Site, App and Services;

o. We may post User testimonials and comments on Our App or Site upon written notice to You, which may contain User Information. You have the right to request removal of such testimonial and/or comment(s) upon receiving Our written notice.

 

4. WHEN WILL DATA BE SHARED?

a. We Never Sell Your Data. Most importantly, We do not sell, share, license, or otherwise transfer Your Personal Information or any personally identifiable information with any entity or person, except as expressly described in this Policy or when We have a legal basis to do so, for instance with Your prior written consent or a court order.

b. Service Providers and Affiliates

    1. We reserve the right to disclose parts or all of the Data that We collect about You to service providers and affiliates who assist Us in Our business purpose either through partnerships, affiliations, contractors and/or licensors. Some service providers and contractors used on Our App and Site include, without limitation, processing payment services, analytics services, customer support services, billing, internal administrative services, maintenance of the Services, and providing business services to Us or to You. In all cases where We share Data with such partners, affiliates, and service providers, We explicitly require them to acknowledge and adhere to Our Privacy Policy and customer data handling policies. Such third parties are prohibited from using any Personal Information except for these stated purposes, and they are required to maintain the confidentiality of Your Data.
    2. HMEx and its’ affiliated entities may share information with third-party data controllers, law enforcement agencies and potential transaction partners where HMEx and its’ affiliated entities have a legal basis to do so.

c. By Law or Protected Right. We may disclose part or all User Information, Your Content and/or Personal Information collected through the Services, if (1) required by law; (2) if We believe that disclosure is necessary to comply with the law; (3) to enforce Our intellectual property rights; (4) to protect the rights, property or safety of Us and Our employees or agents; and (5) if necessary to defend against third-party claims. We may also disclose Data collected on the App or Site when requested to comply with a court order, investigation, subpoena or governmental request. We will notify You of such use, either by a notification on the Site or by email to You.

d. Business Transfers. If We go through a business transfer, such as consolidation, merger, restructuring, acquisition, or sale of part or all of Our assets, You acknowledge and consent to the transfer of Your Data, including User Information, Personal Information and Your Content. You further acknowledge and consent to the continued use of Your Data by the recipient, so long as they comply with this Privacy Policy or a similar policy. In this event, You will be notified via email and/or a prominent notice on Our App or Site, of any change in ownership or business transfer, use of Your Data, and the choices and rights You may have regarding Your Data.

e. Vendors, Consultants and Third-Party Service Providers. We may share Your Data with third party vendors, service providers, contractors or agents who perform services for Us or on Our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Services or Apps, which will enable them to collect data about how You interact with the Services, Site or Apps over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, We do not share, sell, rent or trade any of Your Data with third parties for their promotional or commercial purposes. Our third-party providers, processors and affiliates use industry standard data privacy practices to safeguard any sensitive data that they receive, process or use. They will not share Your Personal Information with any organization apart from Us. They will hold it securely and retain it for the period We require or as required by law. However, We are not responsible for the privacy practices other content and/or services operated by third parties that are linked to or integrated with the Service or for the privacy practices of any third party. Our provision of such third-party links, content and/or services does not constitute Our endorsement of these third parties, their content, their owners, or their practices. Once You leave the Site or App via such a link, access a third party application, or click on a third party offer, You should check the applicable privacy policy of the third party or advertiser website to determine, among other things, how they will handle any Personal Information they collect from You.

 

5. WHO WILL YOUR DATA BE SHARED WITH? We may share and disclose Your Data with the following third parties, vendors, contractors and affiliates solely for the purposes of providing and improving the Services, Site and App:

a. Communicate and Chat with Users such as Zendesk & Zoom;

b. Data Backup and Security is part of Microsoft Dynamic 365 platform;

c. Invoice and Billing such as PayPal;

d. Web and Mobile Analytics such as Google Analytics;

e. Website Hosting, such as BlueHost, Microsoft Azure Hosting and Cloud Services.

You have the right to revoke Your consent to Us sharing Your Data. You can exercise this right by contacting Us at [email protected]. Please note that opting-out of sharing your Data may result in impaired Services.

 

6. HOW LONG DO WE KEEP YOUR DATA?

a. We will only keep Your Personal Information for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). When We have no ongoing legitimate business need to process Your Data, We will either delete, de-identify it or anonymize it. If this is not possible (for example, because Your Data has been stored in backup archives), then We will securely store Your Data and isolate it from any further processing until deletion is possible.

b. Data will not be automatically deleted if Your subscription is cancelled or expires.

c. You can request deletion of Your Data from the system administrator via email.

d. If You have elected to receive marketing communications from Us, We retain information about Your marketing preferences for a reasonable period of time from the date You last expressed interest in Our content or Services, such as when You last opened an email from Us or ceased using Your Account.  We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

 

7. HOW DO WE KEEP YOUR INFORMATION SAFE?

a. We are committed to protecting Your Data and We have implemented appropriate administrative, technical, and physical safeguards designed to safeguard the information that We collect. For instance, We encrypt all data when in transit and at rest. However, no information system can be 100% secure. This means that We cannot guarantee the absolute security of Your Data. Moreover, We are not responsible for the security of information You transmit to Us over networks that We do not control, including the internet and wireless networks, or the data that is stored on Your device. Although We will do Our best to protect Your Personal Information, transmission of Personal Information to and from Our Site or App is at Your own risk. You should only access the services within a secure environment.

b. Secure Sockets Layer (SSL) technology protects Data on Our Site using both server authentication and data encryption, ensuring that user data is safe, secure, and available only to authorized persons.

c. Our computer systems are hosted by Microsoft Azure, a secure data center environment that uses a firewall, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders.

 

8. WHAT TECHNICAL SAFEGUARDS DO WE USE?
We use the following technical safeguards to protect the Data we collect and store:

a. Unique password requirements and limited employee access;

b. Destruction, deletion or de-identification of Data;

c. Industry standard security protocols; HTTPS, encrypt data at REST, 2Factor Auth & role-based access;

d. Secure Technology (SSL), server authentication and Data encryption and use of firewall to host data;

e. Sub-processors and third parties are bound to same security practice obligations;

f. Automatic and continuous system backups; and

g. Periodic audits.

 

9. WHAT HAPPENS IF THERE IS A DATA BREACH?
In the event of an actual data breach or the unauthorized access or disclosure of any sensitive or personal data, We will notify You in writing as soon as possible outlining the following information:

a. What happened (date of breach is possible, or estimated date of incident, or the date range within which the breached occurred);

b. What information was involved (list the type of Personal Information);

c. What We are doing to help resolve or mitigate the issue (and if there was any delay in providing this notice due to law enforcement investigation);

d. What You can do to help Us;

e. How You can get more information or contact Us;

f. Information about what We have done to protect individuals whose information has been breached;

g. Advice on steps that the person whose information has been breached may take to protect himself or herself; and

h. Information about the steps We have taken to cure the breach and the estimated timeframe for such cure.

 

10. WHAT ARE YOUR PRIVACY RIGHTS?

a. You have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of Your Personal Information, (ii) to request rectification or erasure; (iii) to restrict the processing of Your Personal Information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the sharing of Your Personal Information. To make such a request, please contact Us at [email protected]. We will consider and act upon any request in accordance with applicable data protection laws.

b. If We are relying on Your consent to process Your Personal Information, You have the right to withdraw Your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal.

c. If You are resident in the European Economic Area and You believe We are unlawfully processing Your Personal Information, You also have the right to complain to Your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

d. If You would like to opt-out of or unsubscribe from receiving direct marketing communications, You can also use the unsubscribe link contained in the message You have received. However, You cannot opt out of receiving transactional emails related to Your account with Us or Services, unless You delete Your Account.

e. Where We process Your Data on the basis of Our or a third party’s legitimate interest, You may object to such processing at any time by contacting Us at the address below. Our affiliates and partners are solely responsible for their own marketing emails and other communications directed to You. We cannot unsubscribe You from Our partners’ communications. You may, however, unsubscribe from Our communications regarding Our partners’ by clicking on the “unsubscribe” link located on the bottom of their emails, or by contacting them directly.

f. If You are not satisfied about the manner in which We handle Your complaint, You may also lodge a complaint with Your local data protection authority.

g. Upon Your request to terminate Your account, We will deactivate or delete Your account and information from Our active databases. However, some information may be retained in Our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce Our Terms of Service and/or comply with legal requirements.

h. If You would at any time like to review or change the information in Your Account or terminate Your Account, You must Contact Us using the contact information provided.

11. YOUR RESPONSIBILITIES AND CONSENTS
By visiting or using the Services, You agree to this Privacy Policy. This is the entire and exclusive Privacy Policy and it supersedes any earlier version. By visiting or using the Services, You expressly consent to the following:

a. You consent to the collection, use, disclosure and processing of Your User Information and/or Data in the manner described in this Privacy Policy, including Our procedures relating to cookies, IP addresses, log files and the like;

b. Our servers are based in the United States, so Your Data will be primarily processed by Us in the United States. You consent to the transfer and processing of Your Data in the United States;

c. You consent and agree that We may transfer Your Data to data processors located in countries which do not have data protection laws that provide the same level of protection that exists in countries in the European Economic Area or the U.S. Your consent is voluntary, and You may revoke Your consent by opting out at any time, as described above. Please note that if You opt-out, We may no longer be able to provide You with Our Services; and

d. You consent to Us sharing Your Data with relevant persons working for service providers and third-party affiliates who assist Us to provide Our Service.